Fix issues with how we compute DST size #3687
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
1. Add proper bounds check for `size_of_val` intrinsics. 2. Refactor how we compute size of the object in our mem predicates. 3. Provide user visible methods to try to retrieve the size of the object if known and valid.
celinval
force-pushed
the
issue-3612-can-deref-2
branch
from
b47ae6d
to
f805e34
Compare
celinval
commented
Nov 12, 2024
kani-compiler/src/kani_middle/abi.rs
Outdated
| } | ||
| RigidTy::Tuple(tys) => { | ||
| // We have to recurse and get the maximum alignment of all sized portions. | ||
| let last_ty = tys.last().expect("Expected unsized tail"); |
There was a problem hiding this comment.
Note to self: Fix this. The order of fields is not guaranteed, and we need to use similar logic as the Adt logic to get the last field.
- Assume for now that we cannot compute foreign object size.
celinval
commented
Nov 13, 2024
| let model = match intrinsic { | ||
| Intrinsic::SizeOfVal => self.models[&KaniModel::SizeOfVal], | ||
| Intrinsic::MinAlignOfVal => self.models[&KaniModel::AlignOfVal], | ||
| // The rest is handled in hooks. |
There was a problem hiding this comment.
Suggested change
| // The rest is handled in hooks. | |
| // The rest is handled in codegen. |
|
FYI, I'm going to create a fix for the std in a separate PR. Also I think I could break down this PR into two if needed. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Sorry for the big change. They were all somewhat connected to size of DST.
size_of_valandalign_of_valintrinsics.checked_size_of_rawandchecked_align_of_raw.from_raw_ptrin our tests.Fixes #3612
Fixes #3616
Fixes #3627
Fixes #3638
Fixes #3615
Call-outs
There's a bit of refactoring here on how to handle
size_of_valintrinsics to reuse the same logic as the new predicates. Otherwise we would have to apply two fixes and keep maintaining them both. Note that I haven't deleted the code used bythe intrinsic yet, since that is still used in the raw pointer to reference checks. I will do that in a follow up PR.
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 and MIT licenses.